Skip to content
release.yml – Release

Bump step-security/harden-runner from 2.13.0 to 2.13.1 (#79) #90

Sign in to view logs

Bump step-security/harden-runner from 2.13.0 to 2.13.1 (#79)

Bump step-security/harden-runner from 2.13.0 to 2.13.1 (#79) #90

Workflow file for this run

.github/workflows/release.yml at 7ba16be
name: release.yml – Release
on:
push:
branches:
- main
- next
- beta
- "*.x"
permissions:
contents: read # for checkout
jobs:
release:
permissions:
contents: write # to be able to publish a GitHub release
issues: write # to be able to comment on released issues
pull-requests: write # to be able to comment on released pull requests
id-token: write # to enable use of OIDC for npm provenance
name: release
runs-on: ubuntu-22.04
steps:
- name: Harden Runner
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
with:
egress-policy: audit
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
with:
cache: npm
node-version: lts/*
- run: npm clean-install
- run: corepack npm audit signatures
# pinned version updated automatically by Renovate.
# details at https://semantic-release.gitbook.io/semantic-release/usage/installation#global-installation
- run: npx semantic-release@v24.2.3
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}